Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/FMG36HBqRtUqt7COIUG1QrrrsQw.roa
File: FMG36HBqRtUqt7COIUG1QrrrsQw.roa (raw, json)
Hash identifier: +rIibyVY3fY3kT8o9SPGAfNUmFMRWDiLA0uoH2crZuE=
Subject key identifier: 14:C1:B7:E8:70:6A:46:D5:2A:B7:B0:8E:21:41:B5:42:BA:EB:B1:0C
Certificate issuer: /CN=a0dbd5d1f86dd9dd66606a14d31d64cb0eaac83b
Certificate serial: 0198F013C5C07159C726448ABF112E6DCAB7
Authority key identifier: A0:DB:D5:D1:F8:6D:D9:DD:66:60:6A:14:D3:1D:64:CB:0E:AA:C8:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNvV0fht2d1mYGoU0x1kyw6qyDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/FMG36HBqRtUqt7COIUG1QrrrsQw.roa
Signing time: Thu 28 Aug 2025 09:48:04 +0000
ROA not before: Thu 28 Aug 2025 09:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 185.200.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/oNvV0fht2d1mYGoU0x1kyw6qyDs.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/oNvV0fht2d1mYGoU0x1kyw6qyDs.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNvV0fht2d1mYGoU0x1kyw6qyDs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f0:13:c5:c0:71:59:c7:26:44:8a:bf:11:2e:6d:ca:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0dbd5d1f86dd9dd66606a14d31d64cb0eaac83b
Validity
Not Before: Aug 28 09:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14c1b7e8706a46d52ab7b08e2141b542baebb10c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:10:ca:57:02:82:b9:af:80:c2:a3:c4:43:90:
3c:77:af:5f:8a:2b:1c:ee:20:34:99:d1:ba:bf:bb:
aa:a4:c7:68:d7:35:21:9c:99:cc:da:22:53:0f:ce:
f5:f8:a4:3a:15:64:02:6b:52:d4:18:00:c2:c2:eb:
ed:31:12:41:f9:df:b8:75:55:28:ca:a9:13:3f:b1:
30:59:78:97:77:f3:2c:6d:04:7e:66:38:bf:4e:fd:
4d:f8:76:d4:e6:29:29:ba:b0:9f:53:23:46:87:08:
d5:cc:56:24:16:f2:59:fe:0c:02:d7:25:05:e1:72:
91:45:da:6d:96:94:0e:06:2a:87:21:4d:0f:ef:27:
c1:2f:1c:46:54:64:52:d3:7f:d2:bf:47:0a:ff:3c:
08:ab:1b:5c:a9:03:71:d1:3a:90:f0:6b:46:d5:d1:
46:68:1e:af:48:82:a1:f2:d2:02:0c:76:2c:0f:3f:
9a:89:ba:97:2c:d1:91:c0:9b:88:98:7b:c2:f1:c8:
0a:96:74:e3:de:38:23:0f:d7:df:5d:09:89:7f:69:
6f:2b:e9:b9:56:34:58:7e:06:a8:9a:7d:50:7c:ce:
fd:3d:85:f4:6a:cf:67:3d:4b:16:fe:fb:4b:1b:75:
c8:c0:a1:a7:95:20:f2:21:df:a0:b4:91:ca:9f:be:
ca:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:C1:B7:E8:70:6A:46:D5:2A:B7:B0:8E:21:41:B5:42:BA:EB:B1:0C
X509v3 Authority Key Identifier:
keyid:A0:DB:D5:D1:F8:6D:D9:DD:66:60:6A:14:D3:1D:64:CB:0E:AA:C8:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNvV0fht2d1mYGoU0x1kyw6qyDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/FMG36HBqRtUqt7COIUG1QrrrsQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/oNvV0fht2d1mYGoU0x1kyw6qyDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.210.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:24:8a:56:43:0b:1e:74:23:31:84:5f:22:e4:60:d0:35:ec:
46:46:2b:5a:98:ba:29:38:06:84:52:d6:41:ca:88:06:ce:9e:
e4:a6:44:33:4c:4a:96:5a:64:aa:1e:fe:cd:32:5c:41:b3:0d:
15:2f:f0:8c:2b:af:e7:d4:11:1f:a5:a8:e1:6b:5c:99:c5:cf:
60:44:ea:e1:1d:5a:3e:be:8e:19:86:d7:d5:8e:99:f0:a9:bd:
fb:db:8a:5f:55:28:b8:dd:19:d7:20:8c:60:ce:4b:02:6d:29:
8c:12:f7:3e:cf:95:e4:9c:13:51:b4:aa:d2:7f:c7:bc:62:81:
54:2b:17:9f:d2:d3:fc:1f:9d:71:f9:0f:5a:51:2a:6b:57:59:
f0:29:13:79:04:d2:e8:1e:17:f5:3d:97:c0:f1:7a:2b:96:74:
ef:b6:89:93:d8:53:2b:63:3f:8e:00:e3:2b:3d:4e:7c:a2:60:
5c:ce:5d:8a:3d:d7:77:ef:a6:af:91:92:8d:78:4f:00:03:e0:
6e:44:00:52:3d:be:b7:8a:69:0b:3c:0a:cc:4f:24:aa:6b:17:
13:2d:56:2c:e8:f1:63:c1:e3:92:9d:4e:8e:d8:63:8f:cf:d1:
e1:e2:2e:3d:06:d8:97:c3:2b:03:7b:74:cc:21:6d:f5:90:af:
31:2d:e1:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjwE8XAcVnHJkSKvxEubcq3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZGJkNWQxZjg2ZGQ5ZGQ2NjYwNmExNGQzMWQ2NGNiMGVh
YWM4M2IwHhcNMjUwODI4MDk0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGMxYjdlODcwNmE0NmQ1MmFiN2IwOGUyMTQxYjU0MmJhZWJiMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRDKVwKCua+AwqPEQ5A8d69fiisc
7iA0mdG6v7uqpMdo1zUhnJnM2iJTD871+KQ6FWQCa1LUGADCwuvtMRJB+d+4dVUo
yqkTP7EwWXiXd/MsbQR+Zji/Tv1N+HbU5ikpurCfUyNGhwjVzFYkFvJZ/gwC1yUF
4XKRRdptlpQOBiqHIU0P7yfBLxxGVGRS03/Sv0cK/zwIqxtcqQNx0TqQ8GtG1dFG
aB6vSIKh8tICDHYsDz+aibqXLNGRwJuImHvC8cgKlnTj3jgjD9ffXQmJf2lvK+m5
VjRYfgaomn1QfM79PYX0as9nPUsW/vtLG3XIwKGnlSDyId+gtJHKn77KqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBTBt+hwakbVKrewjiFBtUK667EMMB8GA1UdIwQY
MBaAFKDb1dH4bdndZmBqFNMdZMsOqsg7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb052VjBmaHQyZDFtWUdvVTB4MWt5dzZxeURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8xZDRjZmMtOGU1Yy00NTdjLTk2MjAt
MTM1YzkxZWMxOTllLzEvRk1HMzZIQnFSdFVxdDdDT0lVRzFRcnJyc1F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8xZDRjZmMtOGU1Yy00NTdjLTk2MjAtMTM1YzkxZWMxOTll
LzEvb052VjBmaHQyZDFtWUdvVTB4MWt5dzZxeURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucjSMA0G
CSqGSIb3DQEBCwUAA4IBAQCKJIpWQwsedCMxhF8i5GDQNexGRitamLopOAaEUtZB
yogGzp7kpkQzTEqWWmSqHv7NMlxBsw0VL/CMK6/n1BEfpajha1yZxc9gROrhHVo+
vo4ZhtfVjpnwqb3724pfVSi43RnXIIxgzksCbSmMEvc+z5XknBNRtKrSf8e8YoFU
Kxef0tP8H51x+Q9aUSprV1nwKRN5BNLoHhf1PZfA8XorlnTvtomT2FMrYz+OAOMr
PU58omBczl2KPdd376avkZKNeE8AA+BuRABSPb63imkLPArMTySqaxcTLVYs6PFj
weOSnU6O2GOPz9Hh4i49BtiXwysDe3TMIW31kK8xLeHU
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:35:34 2025 by rpki-client